Intensive data protection course

GDPR Data Privacy Professional

Online course on the protection of personal data in accordance with the General Data Protection Regulation. The course is delivered by certified information privacy specialists.


GDPR DPP course is designed for those who want to be qualified as professionals in the data privacy sphere. Participants who complete the course and successfully pass tests will receive a Data Privacy Professional Certificate (DPP), which can be of value when applying for privacy-related positions.

Course methodology

This course is highly interactive and involves group discussions, practical exercises, and case studies based on actual events, completed with course materials (diagrams, documents, flowcharts, and templates).

By the end of the course,
participants will be able to:


Define categories of personal data.


Navigate data protection laws and regulations.


Apply data protection principles to processing activities.


Fulfill rights of data subjects.


Determine the lawful basis for processing activities.


Allocate the roles and responsibilities of data processing​.


Handle data breach notifications.


Choose appropriate technical and organizational measures of information security.


Use proper mechanisms for cross-border transfers of personal data.

Target audience


​Сompliance officers and lawyers


Information security officers




Software developers


Human resource managers


Database administrators





This course is also suitable for Data Protection Officers who seek to become certified or update their knowledge with the latest laws.

Target competencies

Anyone who works with personal data must ensure compliance with data protection laws and international regulations. The course guarantees that candidates are familiar with data protection terminology and privacy concepts and capable of applying them in practice.

Data Protection
Information Security
Policy Creation
HR and Recruitment


September 27 - October 1


  • Concepts of privacy, data privacy, data protection. Types of privacy.
  • Review of existing data privacy laws, standards and regulations
  • Сases, court precedents, guidelines in information privacy
  • The Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data №108
  • Directive 96/46
  • Overview of present regulatory framework of data protection in EU (GDPR+)
  • History of EU General Data Protection Regulation (GDPR)
  • Territorial and material scope of GDPR
  • Structure of GDPR text (recitals, business related articles etc)
  • Overview GDPR related acts
  • National data privacy legislation
  • Legal precedents
  • Guidelines and opinions of Article 29 Working Group (Art29WP) / European Data Protection Board (EDPB)
  • Guidelines of national supervisory authorities (SAs)
  • Overview of risks, fines, responsibilities related to personal data processing
  • Mapping of the Belarusian, Ukrainian and Russian data protection laws to the rules applicable in EU.
  • The concepts of personal data (PD), identifier, data subject
  • Formula of Persomal Data “(id-x)+info”
  • Cases of (non-)personal data
  • Biometric data
  • The concepts of personal data (PD), identifier, data subject
  • Formula of Persomal Data “(id-x)+info”
  • Cases of (non-)personal data
  • Biometric data
  • Transparency of processing
  • Purpose limitation
  • Data minimisation
  • Storage limitation
  • Accuracy
  • Integrity and confidentiality
  • Accountability
  • The 7 foundational principles of privacy by design by Ann Cavoukian
  • Privacy by Default
  • Privacy embedded into design
  • Full functionality – positive-sum
  • End-to-End Security – Lifecycle Protection
  • Consent
  • Conditions for consent
  • Getting consent in UX
  • Contract
  • Legal obligation
  • Vital interest
  • Public interest
  • Legitimate interest
  • Balancing test of Legitimate Interest Assessment (LIA)
  • Modalities for exercise of the rights of the data subject
  • Right to information about processing
  • Right to access personal data
  • Right to rectification
  • Right to restriction of processing
  • Right to be forgotten
  • Right to data portability
  • Right to object
  • Right to not be subject of automated decision-making
  • Data subject’ rights restriction
  • Case “Nightmare letter from data subject”
  • Check-box approach vs risk based approach
  • Concept of risk
  • Risk likelihood and severity
  • GDPR terminology related to risks (high risk, likely etc)
  • Data Protection Impact Assessment (DPIA) requirement under GDPR
  • When DPIA is mandatory
  • BIA (Business Impact Assessment) or SIA (Security Impact Assessment) as triggers for DPIA
  • General approach to conduct DPIA
  • Describing processing operations, personal data and supporting assets
  • Legal and risk-treatment controls
  • Risk sources, feared events, threats and risks
  • Tools for Data Protection Impact Assessment
  • GDPR requirements to information security
  • Data breach notification of supervisory authorities and data subjects
  • Technical and organisational measures of managing information security risks
  • Overview of GDPR rules on cross-border data flow
  • Documenting international transfers of personal data
  • Data Processing Agreement
  • Binding Corporate Rules
  • Standard Contractual Clauses
  • Codes of conduct and certifications
  • Derogations relating to cross-border data transfers for specific situations
  • Representative in EU
  • Data Protection Officer / DPO


Siarhei Varankevich

Siarhei Varankevich


Founder of DPO Europe GmbH. Data Protection Trainer and Principal Consultant.
MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT).

Contact Sales

Learn what Data Privacy Office Europe can do for you.

Fill out the form and we will contact you as soon as possible!

Terms of Use (ToU)

These Terms of Use («Terms») is a legal agreement between you (“Customer” or «you») and DPO Europe GmbH («DPO Europe,» «we» or «us») for use of the website (link) and all related services, features and content offered by the Company (collectively, the «Service»).

User Representations

By using the Website, Customer represents and warrants that:

  • Customer has the legal capacity and agrees to comply with these Terms of Use;
  • Customer is not a minor in the jurisdiction of their domicile;
  • Customer will not access the Website through automated or non-human means;
  • Customer will not use the Website for any illegal or unauthorized purpose;
  • Customer’s use of the Website will not violate any applicable law or regulation.

Prohibited Activities

Customer shall not access or use the Website for any purpose other than that for which the Website is made available to the Customer. The Website may not be used in connection with any commercial endeavors except those related to the work performed by DPO Europe on behalf of the Customer. Further, Customer agrees to refrain from the following:

  • Make any unauthorized use of the Website;
  • Retrieve data or content for the purposes of creating or compiling a database or directory;
  • Circumvent, disable, or otherwise interfere with security-related features on the Website;
  • Trick, defraud or mislead DPO Europe or other users;
  • Interfere with, disrupt or create an undue burden on the Website or DPO Europe’s networks or servers;
  • Use the Website in an effort to compete with DPO Europe;
  • Harass, annoy, intimidate or threaten any of DPO Europe’s employees, independent contractors or agents providing services through the Website.

Intellectual property rights

Unless otherwise indicated, the Website and Courses are our proprietary property and all source code, databases, functionality, software, designs, audio, video, text, photographs, and graphics (collectively, the «Content») and the trademarks, service marks, and logos contained therein (the «Marks») are owned or controlled by us or licensed to us, and are protected by copyright and trademark laws and various other intellectual property rights and unfair competition laws, foreign jurisdictions, and international conventions. The Content and the Marks are provided on the Website «AS IS» for your information and personal use only. Except as expressly provided in these Terms of Use, no part of the Website and no Content or Marks may be copied, reproduced, aggregated, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted, distributed, sold, licensed, or otherwise exploited for any commercial purpose whatsoever, without our express prior written permission.

Provided that you are eligible to use the Website, you are granted a limited license to access and use the Website and to download or print a copy of any portion of the Content to which you have properly gained access solely for your personal, non-commercial use. We reserve all rights not expressly granted to you in and to the Website, the Content, and the Marks.

Rights and obligations of the Parties

DPO Europe shall be obliged to:

  • Provide quality Services in accordance with the terms of these Terms;
  • Provide the Customer’s representative with the necessary information, materials and documents;
  • Ensure confidentiality of information received by him from the Customer in connection with the Service provided, except for cases when access to such information shall be provided by virtue of the imperative provisions of the laws of Germany.

Pursuant to these Terms, DPO Europe shall be entitled to:

  • Independently determine the forms and methods of provision of the consulting and training services and develop the most effective and efficient solutions for the Customer on their basis;
  • Provide on a reimbursable basis additional services of consulting and training nature to the Customer upon the request of the latter;
  • Refuse to perform these Terms after full compensation of losses to the Customer.

In accordance with these Terms, the Customer undertakes to:

  • Pay timely and in full for the Services provided by DPO Europe under these Terms.

Pursuant to these Terms, the Customer shall be entitled to:

  • Receive quality Services on a reimbursable basis in accordance with these Terms;
  • Refuse to perform these Terms subject to payment of the actual costs incurred by DPO Europe.


All pricing quotations are valid only for 7 days from the date they are first sent to the Customer. All prices are subject to change due to the dynamic nature of our business. All prices are given in euro excluding VAT.

The course fee(s), are payable in full immediately upon confirmation. Customers must be responsible for all bank charges in relation to the overseas transactions.


When a refund is issued to the Customer by DPO Europe, the refund may take up to 14 working days to be processed. Refunds will be processed using the same payment method that the original payment was made.

Handle failed refunds

A refund can fail if the customer’s bank or card issuer has been unable to process it correctly. For example, a closed bank account or a problem with the card can cause a refund to fail. When this happens, the bank returns the refunded amount to us and we add it back to your account balance. This process can take up to 30 days from the post date.



Unless written cancellation is received at least 14 working days before the start date of the course, the full fees are payable in full and non-refundable. All cancellations made between, 0-14 working days prior to the course start date are subject to a 100% cancellation course fee which must be paid upon cancellation. If you do need to make a cancellation, please notify DPO Europe in writing via email:

Should a course booking be made less than 14 working days prior to the course start date, the above cancellation terms still apply and fees are payable in full and non-refundable.

Changes to Courses

DPO Europe reserves the right to change any part of a published course; if this is caused by circumstances beyond our control. DPO Europe reserves the right to cancel or reschedule any course and will advise the customer as soon as the change is known. DPO Europe will use all reasonable endeavors to avoid changes of this nature.  For any courses which are rescheduled due to unforeseen circumstances (such as trainer sickness/course low fill) every endeavor will be made to provide a replacement trainer or to reschedule the course and we will offer delegates as many options as possible to complete their training programs. For any courses which are cancelled by DPO Europe, the delegate will be provided with the option of a full refund.

Contents of course timetables are intended for general guidance only. Any typographical error including pricing or omission in any website, sales literature, administrative documentation, course materials, invoice, or other documents shall be liable to correction without any liability on the part of DPO Europe.


Non-attendance of any course for any reason whatsoever is deemed to be a cancellation with no notice and payment is non-refundable.

Course Suitability

The Customer accepts that it is their responsibility that the course booked is suitable for the requirements and abilities of the delegates attending.


DPO Europe reserves the right to refuse admission to any person whom it considers in its absolute discretion to be unsuitable for the training programs.


The Parties shall be exempt from liability for partial or complete non-fulfilment of obligations under these Terms if it is a consequence of the action of emergency and circumstances which are unavoidable under given conditions (force majeure). The affected Party shall be obliged to notify the other Party in writing within 5 (five) calendar days from the date of occurrence of such circumstances. The fact of occurrence of the said force majeure circumstances and their duration shall be confirmed by the document issued by the authorized organization of the country where these circumstances took place. The Party which has not notified or untimely notified the other Party about the occurrence of force majeure circumstances shall be deprived of the right to refer to their occurrence.

Privacy and Notifications

We care about data privacy and security, please read our Privacy Notice (link).

In accordance with the Privacy Notice, DPO Europe is entitled to send all notifications to the Customer by e-mail, including but not limited to announcements about product updates or technical maintenance work, invoices, payment reminders, setup or cancellation confirmations, lost access data, etc.

Governing Law

These Terms shall be governed by and construed in accordance with German law without regard to conflict of law principles.

Limitations of liability

In no event shall DPO Europe, nor its directors, employees, partners, agents, suppliers, or affiliates, be liable for any indirect, incidental, special, consequential or punitive damages, including without limitation, loss of profits, data, use, goodwill, or other intangible losses, resulting from (i) your access to or use of or inability to access or use the Service; (ii) any conduct or content of any third party on the Service; (iii) any content obtained from the Service; and (iv) unauthorized access, use or alteration of your transmissions or content, whether based on warranty, contract, tort (including negligence) or any other legal theory, whether or not we have been informed of the possibility of such damage, and even if a remedy set forth herein is found to have failed of its essential purpose.

Links to Other Websites

Our Website may contain links to third-party websites or services that are not owned or controlled by DPO Europe.

DPO Europe has no control over and assumes no responsibility for the content, Privacy Policies, or practices of any third-party websites or services. You further acknowledge and agree that DPO Europe shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such websites or services.

Contact Us

If you have any questions about these Terms, please contact us.

Please, fill in your email so we can contact you after you complete the payment and provide with all information before the start of the course.